News

Recently registered Domains - how to avoid the risks

2016-12-06 12:00:00 GMT, by Barry Branagh

Research by Spamhaus has driven the development of the new Zero Reputation Domain service designed to thwart cyber criminals who use newly-registered domains to send spam and drive traffic to harmful websites hoping that users will fall victim before a domain has been analysed for its reputation.

Legitimate organisations will rarely activate a domain and start using it immediately after registration so the ZRD automatically adds newly-registered and previously dormant domains to a blocklist for 24 hours. This protects users from clicking on links and visiting domains until it can be firmly established that they are not associated with zero day attacks, phishing, bot-herding, spyware and ransomware campaigns. The ZRD blocklist is already proving its worth in a pilot with a UK-based email security service provider.

"After enabling the Spamhaus ZRD, I immediately saw a reduction in the amount of spam that needed expensive content scanning by around 33% as we could reject it outright."

"Normally I would get quite excited at something that reduced this by approximately 10% and the ZRD varies by day between to around 20-30% and those are unique hits which are not caught by other lists, so it's pretty incredible."

It's also hitting exactly what I hoped it would - domains that are registered and used in spam immediately that have been difficult to catch."

Existing Spamhaus users can enable ZRD as a Data Query Service by contacting their usual local re-seller.

ZRD complements existing Domain Name blocklists generated by Spamhaus' global team of security researchers who maintain constantly updated domain-based blocklists using data compiled from a range of live sources.

About Spamhaus Technology

Founded in London in 2004, Spamhaus Technology provides commercial data distribution and synchronization services for the real-time datastreams, raw datasets and security technologies developed by the non-profit organization The Spamhaus Project.

From the proceeds of these services, Spamhaus Technology supports a pool of worldwide public servers that providing data to the public, funds research into anti-spam technologies and contributes research and equipment to the global fight against cybercrime.